- Three (3) years or more involvement in various complex and large environments, including client-facing cybersecurity consulting experiences
- At least 1 Cybersecurity-related certification, such as ISO 27001 Lead Implementor / Lead Auditor, ISC2 CISSP, ISACA CISA, ISACA CISM, ISACA CGEIT, ISACA CRISC, OSCP, OSWP, OSCE, OSWE, CompTIA Security+
- Preferably has cloud or cloud security related certifications such as AWS Cloud Practitioner and/or Solutions Architect, or AWS Security Specialty, or Google Cloud Architect and/or Data Engineer, or Google Cloud Security Engineer
- Has experience with a good knowledge of Unix, Linux, Windows, network devices, firewalls, web and/or mobile application developmentsIs familiar with cloud environments such as AWS, Alibaba, or GCP, including with containerisation such as Docker and Kubernetes
- Is familiar with managing infrastructure and technology in Microservice stack (such as Load Balancing, HAProxy, ORA WebLogic, Kafka or Kong) Has knowledge on how to perform assessment or analysis on the level of application, network and infrastructure for new application development or system integration Has capability to understand SDLC processes to support IT operation and development for security compliance.
- Has a good understanding of SAST & DAST will be excellent
- Has general knowledge of information security management frameworks, such as ISO/IEC 27001, NIST, or PCI DSS